Reasons behind cyber attacks

Find out why cyber criminals target businesses and what assets (financial or otherwise) may be at risk from attacks.

Every business has assets criminals want to exploit – this is just as true for small businesses as it is for large companies and organisations. Understanding the common motives behind attacks will help you better understand the risks, and enable you to prioritise your defences.

Why do cyber attacks happen?

Most often, cyber attacks happen because criminals want:

  • your business financial details
  • customers' payment information (eg credit card data)
  • sensitive personal data
  • email addresses and login credentials
  • customer or client databases
  • IT infrastructure and services (
  • eg the ability to accept online payments)
  • intellectual property (eg trade secrets or product designs)

Most attacks are deliberate and aim for financial gain. Others stem from:

  • hacktivism - making a social or political point
  • espionage - eg spying on competitors for unfair advantage
  • intellectual challenge - eg 'white hat' hacking

Types of cyber attackers: insiders and outsiders

Threats can originate inside or outside your organisation.

Insiders

Anyone with physical or remote access to your business assets can create cyber risk. For example:

  • trusted employees who misplace information by accident
  • careless employees who ignore policies and procedures
  • disgruntled employees or ex-employees who want to harm your business
  • malicious insiders with legitimate access to key systems and data

Business partners, clients, suppliers and contractors can also pose insider threats to cyber security.

Outsiders

External cyber security threats come from a variety of sources, including:

  • organised crime groups
  • professional hackers - malicious or state-sponsored
  • amateur hackers - sometimes known as 'script kiddies'

Understanding where the threats come from will help you focus cyber risk management and allow you to prioritise your defences and tailor staff training to common tactics. It can also help predict the type of damage and plan your responses more effectively.

Why is cyber security important?

Cyber crime disrupts operations, causes financial loss and damages reputation. It can also trigger:

  • regulatory fines or negligence claims
  • breaches of contracts
  • loss of trust among customers and suppliers

Read more about the potential impact of cyber attack on your business.

To strengthen your defence, stay informed using the National Cyber Security Centre's (NCSC) cyber threat alerts and sign up for their free Early Warning Service to get notifications of threats to your network as soon as possible.

Actions
Cyber security: small business guide
NCSC: 10 steps to cyber security
NCA cyber crime advice
Check your cyber security
Free Cyber Action Plan
Invest NI's ICT support for business
Also on this site
Business Crime Partnership
Protect your business online
Protect your business from ransomware
IT risk management
Content category
IT

Source URL

/content/reasons-behind-cyber-attacks

Links